MS03-043 exploit for Windows Messenger Service vulnerability

[REN-ISAC <dodpears () INDIANA EDU>]

From the DHS IAIP open source report:

October 25, TechWeb News — Attackers gearing up to exploit Windows Messenger security hole. An exploit code that takes 
advantage of a critical vulnerability in Microsoft's Windows Messenger Service is out in the wild and could prove as 
dangerous as this summer's MSBlaster worm if attackers decide to focus their efforts, security analysts said Friday, 
October 24. Released early last week, the exploit code -- which has been crafted to run not only on attackers' Windows 
machines, but also on Linux and Unix boxes -- crashes Windows systems not patched against the vulnerability released 
October 15 in Microsoft Security Bulletin MS03-043. What concerns security analysts is the speed with which this 
exploit was produced. The span between the disclosure of the vulnerability by Microsoft and proof of exploit code was 
just three days. Users can disable Windows Messenger Service by following the instructions in Microsoft's security 
bulletin:
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-043.asp

Source: http://www.internetweek.com/security02/showArticle.jhtml?articleID=15600402


Doug Pearson
Director, REN-ISAC
ren-isac () iu edu
http://www.ren-isac.net

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.